Enable javascript in your browser for better experience. Need to know to enable it? Go here.
Menu
Close
Tools Back
Last updated : Apr 24, 2019
NOT ON THE CURRENT EDITION
This blip is not on the current edition of the Radar. If it was on one of the last few editions, it is likely that it is still relevant. If the blip is older, it might no longer be relevant and our assessment might be different today. Unfortunately, we simply don't have the bandwidth to continuously review blips from previous editions of the Radar. Understand more
Apr 2019
Trial ? Worth pursuing. It is important to understand how to build up this capability. Enterprises should try this technology on a project that can handle the risk.

How does an organization give autonomy to delivery teams while still making sure their deployed solutions are safe and compliant? How do you ensure that servers, once deployed, maintain a consistent configuration without drift? InSpec is positioned as a solution for continuous compliance and security, but you can also use it for general infrastructure testing. InSpec allows the creation of declarative infrastructure tests, which can then be continuously run against provisioned environments including production. Our teams particularly praise its extensible design with resources and matchers for multiple platforms. We recommend trialling InSpec as a solution to the problem of assuring compliance and security.

Nov 2017
Assess ? Worth exploring with the goal of understanding how it will affect your enterprise.

How does a business hand autonomy to delivery teams while still making sure their deployed solutions are safe and compliant? How do you ensure that servers, once deployed, remain secure and compliant over their operational lifetime? These are the problems that InSpec tries to address. InSpec is an infrastructure testing tool inspired by Serverspec, but with modifications that make the tool more useful for security professionals who need to ensure compliance across thousands of servers. Individual tests can be combined into complete security profiles and run remotely from a command line. InSpec is useful for developers but extends to testing deployed production infrastructure continuously, moving toward QA in production.

Mar 2017
Assess ? Worth exploring with the goal of understanding how it will affect your enterprise.

How does a business hand autonomy to delivery teams while still making sure their deployed solutions are safe and compliant? How do you ensure that servers, once deployed, remain secure and compliant over their operational lifetime? These are the problems that InSpec tries to address. InSpec is an infrastructure testing tool inspired by Serverspec, but with modifications that make the tool more useful for security professionals who need to ensure compliance across thousands of servers. Individual tests can be combined into complete security profiles and run remotely from a command line. InSpec is useful for developers but extends to testing deployed production infrastructure continuously, moving toward QA in production.

Published : Mar 29, 2017

Download the PDF

 

 

English | Español | Português | 中文

Sign up for the Technology Radar newsletter

 

Subscribe now

Visit our archive to read previous volumes

Go to archive